CVE-2021-33578

CRITICAL

Echo ShareCare 8.15.5 - SQL Injection

Title source: llm
STIX 2.1

Description

Echo ShareCare 8.15.5 is susceptible to SQL injection vulnerabilities when processing remote input from both authenticated and unauthenticated users, leading to the ability to bypass authentication, exfiltrate Structured Query Language (SQL) records, and manipulate data.

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.0119
EPSS Percentile 64.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
echobh/sharecare 8.15.5
Published Jul 13, 2021
Tracked Since Feb 18, 2026